package com.ssm.controller;

import com.ssm.domain.Product;
import com.ssm.service.IProductService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.security.RolesAllowed;
import java.util.List;
/**
 * @Author: my_code
 * @Description: 产品管理
 * @Date: Create in 17:11 2020/8/26
 */

@Controller
@RequestMapping("/product")
public class ProductController {

    @Autowired
    private IProductService productService;


    /**
     * @return : java.lang.String
     * @Description : 新建产品保存
     * @param : [product]
     */
    @RequestMapping("/save.do")
    public String save(Product product) throws Exception {
        productService.save(product);
        return "redirect:findAll.do";
    }


    /**
     * @return : org.springframework.web.servlet.ModelAndView
     * @Description : 查询所有产品信息,并反馈到product-list.jsp页面
     * 其中@RolesAllowed("ADMIN")注解表：只有ADMIN角色控制执行此操作，
     * 注意@RolesAllowed中的参数是可以省略"ROLE_"的
     * @param : []
     */
    @RequestMapping("/findAll.do")
    @RolesAllowed("ADMIN")
    public ModelAndView findAll() throws Exception {
        ModelAndView mv = new ModelAndView();
        List<Product> ps = productService.findAll();
        mv.addObject("productList", ps);
        mv.setViewName("product-list");
        return mv;
    }

    /**
     * @return : java.lang.String
     * @Description : 删除产品信息，并重定向到"/findAll.do"
     * 其中@Secured("ROLE_ADMIN")注解表示：只有 ADMIN 角色的用户才有权限执行此操作
     * @param : [id]
     */
    @Secured("ROLE_ADMIN")
    @RequestMapping("/deleteById.do")
    public String deleteById(@RequestParam("id") String id) throws Exception {
        productService.deleteById(id);
        return "redirect:findAll.do";
    }
}
